package com.liy.supercloud.ssoserver.filter;

import com.liy.framework.common.extvo.LoginInfo;
import com.liy.framework.common.extvo.ResultVO;
import com.liy.framework.common.extvo.TokenVo;
import com.liy.framework.common.utils.ContextHandler;
import com.liy.supercloud.ssoserver.config.JwtTokenSevice;
import com.liy.supercloud.ssoserver.util.URLExcluder;
import java.io.IOException;
import java.util.Iterator;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.ext.Provider;

import org.jboss.resteasy.core.ResteasyContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;

@Component
@Provider
public class AuthorizationRequestFilter implements ContainerRequestFilter {

    protected static Logger log = LoggerFactory.getLogger(AuthorizationRequestFilter.class);

    private static PathMatcher matcher = new AntPathMatcher();

    @Value("${dascloud.authrization.enabled: true}")
    private Boolean authrizationEnabled;

    @Value("${dascloud.authrization.user.token-header:Authorization}")
    private String tokenName;

    @Autowired
    private JwtTokenSevice jwtTokenService;

    private static int i = 0;


    public void filter(ContainerRequestContext requestContext) throws IOException {
        requestContext.setProperty("start_time", System.currentTimeMillis());
        log.info("jaxrs request filter：" + requestContext.getUriInfo().getAbsolutePath().toString());
        String path = requestContext.getUriInfo().getPath();
        Iterator var3 = URLExcluder.urlList.iterator();

        String authKey;
        do {
            if (!var3.hasNext()) {
                if (!this.authrizationEnabled) {
                    return;
                }

                String jwtToken = requestContext.getHeaderString("JwtToken");
                authKey = requestContext.getHeaderString("AuthKey");
                if (jwtToken != null && !"".equals(jwtToken.trim())) {
                    LoginInfo user = new LoginInfo();
                    user.setAccount("admin");
                    user.setId("abc" + i++);
                    ResteasyContext.pushContext(LoginInfo.class, user);
                    ResteasyContext.pushContext(TokenVo.class, null);
                    ContextHandler.setLoginUser(user);

                    try {
                        LoginInfo loginInfo = this.jwtTokenService.getInfoFromToken(jwtToken);
                        ContextHandler.setLoginUser(loginInfo);
                        ContextHandler.setJwtToken(jwtToken);
                        ContextHandler.setAuthKey(jwtToken);
                    } catch (Exception var7) {
                        log.warn(var7.getMessage(), var7);
                        this.stopAccess(requestContext, "401", "请求拒绝：未认证或认证失败!");
                    }

                    return;
                }

                this.stopAccess(requestContext, "401", "未认证的请求!");
                return;
            }

            authKey = (String)var3.next();
        } while(!matcher.match(authKey, path));

    }

    private void stopAccess(ContainerRequestContext requestContext, String code, String message) {
        requestContext.abortWith(Response.status(Status.UNAUTHORIZED).entity(new ResultVO(false, message, code)).build());
    }
}
